[BSL2022] Interviews

BSides Lisbon · 2022 · 9:22 · 1.0K views · Published 2022-12
About this talk
Round of short interviews with our speakers and sponsors

So after the pandemic we felt that it was really needed to come back and to put everyone together again.

It is indeed an important event due to the fact that, you know, they raise a lot of awareness to the people here in Lisbon about security and how they should act, let's say, in some cases. So yeah, it's a great...

And actually the event was great. It was a very nice event, very well organized. I have been in a lot of events, similar events, and this one was great.

Lots of companies are involved in sponsoring that event, but it's still not at solo commercial event. Really love it. The practitioners and the attendees are usually passionate

and really came from the quality of the talks and of the networking that we can have around here.

Here we can hear technical stuff and talk about technique and discuss from technique at the technical level, so it's very, very identifiable with the DNA of our company, that is, core technical people.

So that's why this event is so important, because effectively we identify ourselves with the culture of this type of events, that is very much focused in technology, in people networking, people exchanging deep knowledge regarding cyber security, and not so much in sales.

Not like a commercial event, you know. Most of the talks and so on and

people are expert in this area. It's an opportunity we have to connect with all these people. Not only the knowledge and the information they give you is important, but also all the insight of what is happening around the world.

[Music] [Applause] [Music]

And today I talked about how we can bridge observability and security. As an industry, as practitioners, we start to understand how observability can be used to secure systems, and today I discussed how we can use observability to also attack systems.

My talk today was about GitHub Actions and securing the workflows for deployments and other automations around GitHub.

I explain how to use mathematics and cryptography to build techniques that can defeat any tool to

detect data leak, because most of the technique nowadays make data store data.

Yes, so the whole point was to show some really cool tricks that you can do in the kernel that you cannot do in user mode, and hopefully create some curiosity around it and I have some people join in.

Yeah, I was hoping my lecture would try to inspire folks into coming into hardware buildings and make clears world, and try to make security devices using hardware, either to hack into stuff, break into stuff, or to defend also. It's also valid.

Points for example are getting all connected to the internet, and I think you will see, like in 10 or 20 years, you will want to buy a light

bulb or a toaster that's not connected to the internet; they won't exist anymore. Everything will be connected, and that just represents additional attack surface, additional food places that attackers can gain into your network, either your own network or company network, and that will complicate the device as security practitioners a lot. And I think we should start paying attention of what makes sense to be connected and online and what doesn't.

So my name is Marie Moe and I'm 100% dependent on a pacemaker which is generating every single beat of my heart. I'm also a security researcher, so I started a hacking project to figure out if my connected pacemaker can be hacked.

Yeah, so basically developers are not

properly testing regular expressions on back-ends, and that's a big problem, because slight modifications in the user input can lead to great damage in systems we all use and depend on.

So basically our talk was on web isolation, and the key takeaway is that doing a good web isolation should be designed around three principles. The first one is the units of isolation, so the compartment size. The second one is the isolation materials, which should be strong enough to withstand the threats that we're facing. And finally, visibility and user friendliness are very critical, otherwise no one will use the web isolation solution.

[Music]

Thank you.

Since we selected Lisbon to be a central hub for our technology area, we

thought that would be good to invest in this event, so we find cyber security of course one of the key points to keeping our information safe.

Community's kind of our secret sauce. Like, we believe very strongly in the power of communities getting together, build great products, doing good things in the world, and for me BSides is the purest expression of that in the security industry. These are the places where technologists and practitioners get together and, you know, network and talk about things that we can really solve.

So I'm Philip, I work for Elastic, I'm a developer advocate. I've been with the company for almost six and a half years, so that's what I've been doing for

a long time. So Elastic was founded kind of like in the community, and it's very relevant for us to stay close to that, and it's kind of like the continuous innovation that we get from working with the people, of how they build things and how they use our products.

[Music]

It's a great opportunity to meet with the community, show what we've been doing, talk a little bit about what's next, and also to share that we're here. And as Datadog we're also expanding to Lisbon, starting an office here doing product development, and just wanted people to be aware, and we can start to be part of this community.

So I see this somewhat as a responsibility for Deloitte, as a global company that works a lot in this field, to support these kinds of events where awareness is created regarding cyber security, where immense knowledge is distributed between all the participants, and I think that's essential for our day-to-day lives.

Yeah, BSides Lisbon brings in the top talent in Portugal, and it's important for us to be here to meet them, but also again to show our appreciation for all of that they have contributed to Cobalt's success.

So BSides is really important for us because it allows us to get in touch with the community, the security community in Portugal. It's a way for us

also to expose our brand and be visible as a sponsor.

It is a big advantage to the networking, to meet new customers and help them in this area.

For us to be present here, have some possibility to show even more of us to the participants, to participate in the gatherings, in the organization, to have an additional point of view.

To be the 10th anniversary of BSides Lisbon, so we are planning to actually do a huge conference next year, bigger than what we have done in the last few years, in this edition, so keep an eye open. And to the sponsors of course, you know, thank you very much for your

support, because without you and the community, people that come here, this would not be possible. So a big thank you to everyone.